U @†6^O ã@s@ddlZddlZddlZddlmZmZmZGdd„deƒZdS)éN)Ú SpiderFootÚSpiderFootPluginÚSpiderFootEventc@s€eZdZdZddddddddœZdddd d d d œZd Zd Zd Ze ƒfdd„Z dd„Z dd„Z dd„Z dd„Zdd„Zdd„Zd S)Ú sfp_dnsbrutez|DNS Brute-force:Footprint,Investigate:DNS::Attempts to identify hostnames through brute-forcing common names and iterations.TFéd)ÚskipcommonwildcardÚ domainonlyÚcommonsÚtop10000Ú numbersuffixÚnumbersuffixlimitÚ _maxthreadsz8If wildcard DNS is detected, don't bother brute-forcing.zgOnly attempt to brute-force names on domain names, not hostnames (some hostnames are also sub-domains).z5Try a list of about 750 common hostnames/sub-domains.zRTry a further 10,000 common hostnames/sub-domains. Will make the scan much slower.zSFor any host found, try appending 1, 01, 001, -1, -01, -001, 2, 02, etc. (up to 10)zŒLimit using the number suffixes for hosts that have already been resolved? If disabled this will significantly extend the duration of scans.)rrr r r r Nc CsÞ||_| ¡|_| ¡|_d|_t ¡|_t|  ¡ƒD]}|||j |<q6tƒ}|j dr’t |j  ¡ddƒ}|  ¡}|D]}| ¡}d|j|<qztƒ}|j drÚt |j  ¡ddƒ}|  ¡}|D]}| ¡}d|j|<qÂdS)NÚDNSr z/dicts/subdomains.txtÚrTr z/dicts/subdomains-10000.txt)ÚsfÚ tempStorageÚsublistÚeventsÚ__dataSource__Ú threadingÚLockÚlockÚlistÚkeysÚoptsÚopenÚmyPathÚ readlinesÚstrip) ÚselfÚsfcÚuserOptsÚoptZcslinesÚcsÚsZttlinesÚtt©r&ú7/var/www/spiderfoot.crq.systems/modules/sfp_dnsbrute.pyÚsetup0s*      zsfp_dnsbrute.setupcCs(dg}|jdr|jdr$| d¡|S)NÚ DOMAIN_NAMErr Ú INTERNET_NAME)rÚappend)rÚretr&r&r'Ú watchedEventsKs zsfp_dnsbrute.watchedEventscCsdgS)Nr*r&)rr&r&r'ÚproducedEventsTszsfp_dnsbrute.producedEventsc Cstz0|j |¡}|r.|jd|j|<W5QRXWn>tk rn}z |jd|j|<W5QRXW5d}~XYnXdS)NTF)rÚ resolveHostrÚ hostResultsÚ BaseException)rÚnameÚaddrsÚer&r&r'ÚtryHostWs zsfp_dnsbrute.tryHostc CsØtƒ|_d}d}g}|j dt|ƒ¡|D]F}dtt dd¡ƒ}| tj ||j |fd¡||  ¡|d7}q,|r®d}t  ¡D]} | j  d¡r„d}q„|s¢d}t d ¡qt|jD]} |j | d¡r´| || ¡q´dS) NTrz!Spawning threads to check hosts: Zthread_sfp_dnsbrute_iÿÉš;)r2ÚtargetÚargséFgš™™™™™©?)Údictr0rÚinfoÚstrÚrandomÚrandintr+rÚThreadr5ÚstartÚ enumerater2Ú startswithÚtimeÚsleepÚgetÚ sendEvent) rZhostListÚ sourceEventÚrunningÚiÚtr2ÚtnÚfoundÚrtÚresr&r&r'ÚtryHostWrapperas*      zsfp_dnsbrute.tryHostWrappercCs.|j d|¡td||j|ƒ}| |¡dS)NzFound a brute-forced host: r*)rr:rÚ__name__ÚnotifyListeners)rÚsourceÚresultÚevtr&r&r'rE€szsfp_dnsbrute.sendEventcCs¢|j}|j}|j}|j |¡}|}|j d|d|¡|dkrFdS||jkrTdSd|j|<|dkr˜| ¡j|dds˜|j dsŠdS|  ¡r–dS|  d d ¡\}}|j  |¡} |j d rØ| rØ|j d |d ¡dSd |}t ƒ} tdƒD]} d| |t| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<qî| t|  ¡ƒ|¡dS| ¡j|dds°dS|j d¡|j  |¡} |j d rê| rê|j d¡dStƒ} |jD]T} |  ¡r dS| d |}t| ƒ|j dkr6|  |¡n| | |¡tƒ} qöt| ƒdkrf| | |¡|j drž|j dsžt ƒ} d |}|jD]è}|  ¡r¦dStdƒD]’} d| |t| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<d| |dt| ƒ|<q®tt|  ¡ƒƒ|j dkr’| t|  ¡ƒ|¡t ƒ} q’t| ƒdkrž| t|  ¡ƒ|¡dS)NzReceived event, z, from rTr*F)ÚincludeChildrenr Ú.r8rzWildcard DNS detected on z so skipping host iteration.é Ú0Z00ú-z-0z-00z'Iterating through possible sub-domains.zWildcard DNS detected.r rr )Ú eventTypeÚmoduleÚdatarÚ hashstringÚdebugrÚ getTargetÚmatchesrÚ checkForStopÚsplitÚcheckDnsWildcardr9Úranger;rNrrrÚlenr+)rÚeventÚ eventNameÚ srcModuleNameÚ eventDataÚ eventDataHashÚ parentEventÚhÚdomZwildcardZnextsubsrHÚ targetListÚsubr2r$r&r&r'Ú handleEvent‡sˆ                    zsfp_dnsbrute.handleEvent)rOÚ __module__Ú __qualname__Ú__doc__rÚoptdescsrrrr9r(r-r.r5rNrEror&r&r&r'rs4ù ú   r)r<rrBÚsflibrrrrr&r&r&r'Ús